The university’s department of Secure Login Systems has just launched three prototypes of their research projects.
Maybe you can have a look at all three of them:

Login 1

Login 2

Login 3

Let’s start with looking at the source of Login 1.

The password consists of two parts. The first part uses strings from var _0x86d1 which are “hex” and “randomBytes” respectively. The expected behaviour of generatePart1 function to call crypto.randomBytes(8) to get random 8 bytes first. Then, convert it to a 16 character hex string by calling toString(‘hex’). I said expected behaviour because this is not the real case. Why? It is because all line breaks after return is interpreted as semicolons in JavaScript. I recommend you to watch this video. Anyway, the function returns undefined due to the line break.

The second part is simpler. Just run it using a javascript interpreter and it will return the result. You can use your browser’s console.

As we see, it simply returns “1337”. Hence, the password for Login 1 is undefined1337.

Let’s continue with Login 2.

This one calculates the md5 hash of the password and compares it to a hash string, but the comparasion is loose. Therefore, we can use type juggling to get the flag. If you look carefully, the hash starts with ‘0e’ and the rest is all digits. It is interpreted as exponential notation and equivalent to 0. We just need a string whose hash is also starts with ‘0e’ and does not contain any character other than digits at the rest of it. There is a well-known magic string which is “240610708”. Using this string as a password will allow us to read the flag.

Finally, let’s look at the source of Login 3.

Here, the password is read from a file, but there are some assertions which might be helpful. The first assertion tells us that the password’s length is 3. The second assertion tells that password is only consist of digits. We can simply brute force it by trying every password from 000 to 999.

I have created a python script to solve these 3 challenges and print the flag.

Let’s run it and get the flag.

Here is flag{W0w_1_gu3ss_th1s_t0_be_4_pr3tty_4_d4mn_l0ng_fl4g}.